diff --git a/lib/server/auth.js b/lib/server/auth.js
index ef7b2c43..1f3fe357 100644
--- a/lib/server/auth.js
+++ b/lib/server/auth.js
@@ -29,14 +29,18 @@
     }
     
     function check(username, password, callback) {
-        var sameName,
+        var BAD_CREDENTIALS = false,
+            sameName,
             samePass,
             name    = config('username'),
             pass    = config('password'),
             algo    = config('algo');
         
-        sameName    = username === name;
-        samePass    = pass === criton(password, algo);
+        if (!password)
+            return callback(BAD_CREDENTIALS);
+        
+        sameName = username === name;
+        samePass = pass === criton(password, algo);
         
         callback(sameName && samePass);
     }